Yesterday French researchers said that a solution has been found to save Windows files encrypted by WannaCry which is the last-chance way for technicians. Since last one week, the WannaCry ransomware started to sweep around the globe which has infected more than 300,000 computers in 150 nations, threatens to lock out users who have not paid a sum of $300 USD to $600 USD within one week of infection.
The French researchers cautioned that their solution will work only in certain conditions. It will work if computers had not been rebooted since becoming infected. And it will also work if the victim applied the fix before the WannaCry ransomware carried out its threat to lock the user’s files permanently.
A group of 3 researchers has been developed it. The said group includes a security expert, Adrien Guinet; Matthieu Suiche, an internationally-known hacker; and Benjamin Delpy, a bank officer of “Banque de France”. The group said, “We decided that we must go fast because, as time passes, obviously there is less chance to recover”. Mr. Delpy calls his decrypting tool “wanakiwi” which will decrypt files without paying the ransom.
Delpy’s Wanakiwi was quickly tested to work on Windows 7 and older Windows XP. A blogger Mr. Suiche said that he believed the hastily developed fix also works with Windows 2008, 2003 and Vista, meaning the entire universe of affected computers. According to him, the method should work with any operating system from XP to Windows-7. Delpy added that till now, banking, energy, and some govt intelligence agencies from European countries and India contacted him regarding the fix. Mr. Suiche from Dubai and one of the world’s top independent security researchers, provided advice to ensure the fix worked in all various versions of Windows.
Mr. Guinet has developed the concept and Mr. Delpy has invented the tool. Mr. Suiche’s blog post links to the Delpy’s “wanakiwi” decryption tool which is based on the concept of Guinet. His idea involves extracting the keys to WannaCry encryption codes using prime numbers rather than attempting to break an endless digit string behind the malicious software. According to Mr. Suiche, this is not the perfect solution, but this is so far the only workable last solution to help enterprises to recover their files if they have no back-ups. The tool allows users to restore data without paying black-mailers. Till Wednesday, half of all internet addresses corrupted globally by WannaCry were located in China, Russia, and India, with 20 to 30 percent of infections.
Inte3llegence firm Kryptos Logic said that the USA accounts for seven percent of WannaCry infections while Britain, France, and Germany each represent only 2 percent of worldwide attacks. Only 309 transactions worth around $94,000 USD appear to have been paid into WannaCry blackmail accounts by this Friday, which is seven days after the attack began.
